November 9, 2006

Privacy and Syndicated Data

Speaking to Data Warehousing, BI, CDI/MDM or other data management groups is an essential part of what I do, but it is always refreshing to get out of the basement once in a while to enjoy the opportunity to address groups of people outside of our little industry.

I've had the privilege every year for the past decade to be invited to come and talk about technology to the Society of Actuaries. Their annual conference is attended by literally thousands of people, though the technology section is a smaller subset. Between regulatory, professional and risk management issues, technology is not the highest priority. Nonetheless, they are a wonderful group of intelligent, informed people, many of whom suffer from data dysfunction of the most severe kind since a large part of their work is analytical.

One of the speakers was a statistician who presented material about his firm's use of commercially available data that could be used for underwriting, say, group health insurance. This really disturbed me. For example, when individuals fill out health questionnaires as part of the application process for small group insurance (and remember, the engine of economic value creation is small business), the are strict, regulatory limits on the questions that can be asked. But apparently, for as little as $.10 per person, according to this fellow, any underwriter can purchase up to 3500 bits of information about anyone (in the US, that is, where privacy is a debatable issue).

So, even though a health insurance underwriter can't discriminate based on gender, you could, theoretically, determine the gender makeup of the group by delving into the food the person eats, the car they drive (like a minivan), or the gym they belong to. It gets worse, much worse. When he showed a table of "diseases" he could predict based on this lifestyle data, the number one "disease" was ------ pregnancy!

I don't know about you, I think this is going too far.

To me, filling out a health questionnaire means that that is the extent of the health information that will be revealed. In point of fact, that isn't true, because they may ask for a attending physician's statement or go to the MIB (Medical Information Bureau) for more data, but both of those are indicated as possibilities in the fine print. What really irks me about this topic is that there is no explicit notice that data about food purchases (fast food, diet food, vegetarian, gourmet), self improvement (health/fitness, dieting/weight loss), fitness activities (aerobics, running, walking, tennis, golf), physical inactivity (television time, computer time, board games, stamp collecting), stress indicators (financial problems, family size and status, occupation) tobacco preferences, alcohol consumption, travel, vehicle type, etc. is going to be used. It just seems sneaky to me.

I asked the audience how they felt about this, and I was sort of shocked that no one had an objection. I probed a little more and asked how they would feel if someone was snooping around their grocery store purchases to evaluate them. One finally spoke and said, "I personally opt out of anything like that so there is a minimal amount of data about me."

"So you don't find it a little hypocritical that you opt out yourself, but you would use this data to evaluate others," I asked?

I got a shrug and a half-hearted, "There's lots of hypocrisy in the world."

That isn't a good enough answer. Now health insurers will tell you this a $1.2 trillion problem, but how is denying people health insurance based on the car they drive or their likelihood to, heaven forbid, have children, going to solve the problem? The problem with healthcare is the cost and the health insurers created the problem by indemnifying every outrageous cost until one day their monster came home to roost.